Security News > 2023 > August > Google unveils stronger cellular security for Android 14

Google has revealed new cellular security mitigations that will be available for users and enterprises on its soon-to-be-released Android 14, and announced a new release schedule for Chrome Stable channel updates.

Even though 2G service has been shut down by most major network carriers, many devices are still able to connect to dwindling 2G cellular networks.

"Stingrays are obscure yet very powerful surveillance and interception tools that have been leveraged in multiple scenarios, ranging from potentially sideloading Pegasus malware into journalist phones to a sophisticated phishing scheme that allegedly impacted hundreds of thousands of users with a single ," Google explained.

With Android 14 set to be released soon, Google will enable IT administrators and users to disable 2G support on managed and personal devices, respectively.

For additional cellular security, Google announced an option that allows users to disable support for cellular null ciphers, which are still commonly used by commercial networks and can expose user voice and SMS traffic to interception.

"Chrome began releasing Stable channel updates every two weeks in 2020, with Chrome 77, as a way to help reduce the patch gap. Before Chrome 77, our patch gap averaged 35 days. Since moving the biweekly release cadence, the patch gap has been reduced to around 15 days. The switch to weekly updates allows us to ship security fixes even faster, and further reduce the patch gap," noted Amy Ressler, senior technical program manager at Chrome Security Team.

News URL

https://www.helpnetsecurity.com/2023/08/09/android-14-cellular-security/